package security.expression;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Component;
import security.domain.Permission;
import security.service.impl.LoginUser;

import java.util.List;

@Component(value = "permission")
public class CheckPermission {
    public boolean hasPermission(String permission){
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        //获取当前认证的对象
        LoginUser principal = (LoginUser) authentication.getPrincipal();
        //获取对象的权限
        List<Permission> permissions = principal.getPermissions();
        //判断是否包含权限
        for (Permission p : permissions) {
            if(p.getPermission_name().equals(permission)){
                return true;
            }
        }
        return false;
    }
}
